Iranian media reports say the country’s nuclear agency is trying to combat a complex computer worm that has affected industrial sites in Iran and is capable of taking over power plants.

The semi-official ISNA news agency says Iranian nuclear experts met this week to discuss how to remove the malicious computer code, dubbed Stuxnet, which can take over systems that control the inner workings of industrial plants.

Experts in Germany discovered the worm in July. It has since shown up in attacks in Iran, Indonesia, India and the U.S.

Friday’s report said the malware had spread throughout Iran, but did not elaborate. Foreign media reports have speculated the worm was aimed at disrupting Iran’s first nuclear power plant, which is to go online in October.

Until now, western security experts were the only ones reporting on and analyzing Stuxnet. No Iranian sources were willing to speak publicly about it. But the fact that this article quotes “Iranian nuclear experts” confirms that the worm has infected Iran’s nuclear complexes. The only thing left to know is whether the most damaged site was Natanz, the only known plant enriching uranium which might be used in producing a nuclear weapon, as I’ve speculated.

Well, that’s not exactly the only thing left to know. An equally intriguing question is who devised and planted the malware (how they did it would be interesting as well). The Iranians can’t very well blame Israel or the U.S. because to do so would acknowledge the damage Stuxnet has caused.

How it got in: they emailed it to the weakest point in the Iranian chunk of the internet, some low level educational server maybe, and the little monster replicated until it hit the nuclear sites. It was pretty sloppy, unless that was the intention (to act as a foreshadowing of how future bombing raids will go.)

Vote Up0Vote Down Reply

September 25, 2010 4:46 AM

Cyber-4Bomb

Strelnikov r u dumb!!!!!! hey this article never talked about stuxnet was already in nuclear systems, it already infected industrial systems and the iranian nuclear agency is fightin up the worm to avoid it infect the nuclear facilities. Strelnikov you must to learn to read man!!! hehe. and i got another point, what a heck means “low level educational server”???????? I guess you are a united states citizen, bcuz thats the dumbest expression i ever heard XD. I got an example of low level education: USA have a lower educational level than Mexico right now XD

Vote Up0Vote Down Reply

September 25, 2010 4:09 PM

Strelnikov

Troll.

Vote Up0Vote Down Reply

September 27, 2010 1:09 AM

uncle joe mccarthy

impossible…those computers at the facility are off the grid

it could only be implanted through jump stick

one of the reasons at security facilities in the states, those handy little devices are banned

Vote Up0Vote Down Reply

September 25, 2010 7:05 PM

Ryszard

It’s also likely that Iran was nowhere close to going online with the reactor on October and they are just circulating this story as an excuse. If Stuxnet was really capable of doing what Iran is suggesting, it would be one hell of a worm, the likes of which the world has not seen before.

Maybe there really is a Microsoft backdoor but they’ve been holding it, or this is he first time it’s been reported on…

Vote Up0Vote Down Reply

September 25, 2010 3:20 PM

dickerson3870

RE: “…whether the most damaged site was Natanz, the only known plant enriching uranium which might be used in producing a nuclear weapon…” – R.S.

FROM PAUL WOODWARD, WAR IN CONTEXT, 09/25/10:

(excerpt)…There is however another argument that can be made in which Bushehr becomes the target of cyberwarfare, even if it might not be a vital node in Iran’s nuclear program. In this scenario, Stuxnet would not be designed to perform its function until the reactor becomes fully operational. At that point, the malware would not simply stop the reactor working — it would trigger a Chernobyl-type nuclear meltdown.

Why would the attackers want to precipitate such a catastrophic event?
• In the hope that such an “accident” would make the Iranian government look unfit to safely operate any kind of nuclear program.
• To undermine Iranian domestic support for the program.
• To alienate Iran from its Gulf neighbors who would be exposed to the fallout.

It’s a waste of time arguing with you. Let’s just say that I trust the word of the most distinguished cyber security experts who disagree with you & point to the destruction of hundreds of Iranian centrifuges at Natanz & similar problems with Bushehr. Numerous media sources, intelligence experts & cyber security experts have speculated for a yr. that this damage was caused by precisely the type of weapon identified as Stuxnet. Do you have knowledge or experience that would compare to theirs & if you claim to have can you prove you do? Otherwise, you’re talking garbage.

And you’re arguing that because no damage to control systems was reported in the U.S. that Iran’s security standards are the same as the U.S. & therefore there can’t have been any damage?

You guys making this silly claim have a major problem. Sabotage has been reported repeatedly over the past yr. at Bushehr & Natanz. We know for a fact that massive numbers of centrifuges have failed at Natanz for no known reason other than sabotage. We know Israel and other nations have been attempting to sabotage these plants. Yossi Melman of Haaretz has reported this. He told me so (though he believes it’s more likely the U.S. is behind it). If it walks like a duck & talks like a duck it prob. IS a duck. I also love how people w. no known security background to speak of are willing to represent their own knowledge as superior to that of cyber security experts who spend their entire careers analyzing this stuff & telling us what it means.

I’ve been reading professional publications in the cybersecurity industry closely on this subject for a few weeks now & the consensus is as I’ve reported it. Anyone who attempts to claim that Stuxnet was a juvenile hacker prank w. no known impact or damage is advancing an argument that has no credibility.

First, there is a big differnce between infection and damage with most worms, Stuxnet in particular. If you have been reading about Stuxnet (as I have since the news first broke and I have been covering it in some detail on my blog) then you would know that it is a targeted worm designed to actively damage a very limited type and number of facilities.

Second, I never said that Stuxnet wasn’t targeted at Iraninan facilities. In fact, I have publicly expressed my opinion that it was. I’m just saying that I have not seen, nor is there anything in your report, that would justify that as a claim of fact. Further investigations might (hopefully) show that, until then everyone in the cyber security community is talking about supposition at this point. That is widely reported in the cyber security community.

Lastly, I have not claimed to be a cyber security expert, but my background in process chemistry, my use of process control systems, and my training in computer programing all make me well qualified to understand most of what those experts are saying.

Now, if you have heard specific claims of active damage at Iranian facilities caused (or even reasonably supspected) by Stuxnet, please report that. We need to hear that with as much detail as possible. I would clearly understand a reluctance to name sources, there would certainly be Iranian repercussions.

The Iranians would rightfully attempt to conceal precisely the type of information you & I would like to have. But the fact that massive amts of damage have been caused both at Bushehr AND Natanz, & caused in such a way that Stuxnet could easily have been the culprit indicate with a fairly high level of certainty that Stuxnet played a role in this if not the only role. We ain’t never gonna get certainty here unless we find a goldmine of data in some unexpected fashion down the road.

You should acknowledge the vast preponderance of supposition by actual cyber security experts that Stuxnet did REAL damage to Iran’s command & control systems. Here’s another report fr inside Iran indicating Iran hasn’t rid itself of the worm & its impact.

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

disable

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.